North Carolina Security Breach Reporting Form 
Pursuant to the Identity Theft Protection Act of 2005 

*lndicated a mandatory field 

*Name of the Company or Government Agency owning or licensing information affected by the entity experiencing 
breach: 

LANDO LAW FIRM, LLC 


Entity Type: 
Address: 

Apt/ Suite/Building: 
City: 

State: 

Zip Code: 
Telephone: 

Fax: 

Email: 


GENERAL BUSINESS 
7612 CHARLOTTE HIGHWAY 

INDIAN LAND 
SC 

29707 

(803) 548-9967 
(803) 228-0058 

INFO@LANDOLAWFIRM.COM 


*Date Security breach Reporting Form Submitted: 09/01/2015 

*Date the Security Breach was discovered: 06/04/2015 

Breach Type: PHISHING 

*Estimated number of affected individuals: 416 

*Estimated number of NC residents affected: 143 


Name of company or government agency maintaining or possessing information that was the subject of 
the Security Breach, if the agency that experienced the Security Breach is not the same entity as the 
agency reporting the Security Breach (pursuant to N.C.G.S. 75-65(b)) 


Describe the 
circumstances 
surrounding the 
Security Breach: 


ON JUNE 3, 2015, THE FIRM LEARNED THAT AN UNAUTHORIZED 
INDIVIDUAL HAD GAINED ACCESS TO ONE OF THE FIRM’S EMAIL 
ACCOUNTS. THE FIRM BELIEVES THAT CERTAIN PERSONAL 
INFORMATION, INCLUDING SOCIAL SECURITY NUMBER, BANK 
ACCOUNT NUMBER, AND DRIVER’S LICENSE NUMBER, MAY HAVE BEEN 
CONTAINED WITHIN EMAILS SENT TO OR FROM THIS ACCOUNT. 


Information Type: 


ACCOUNT # 
DRIVER'S LICENSE 
SSN 


*Regarding YES 

information 

breached, if 

electronic, was the 

information 

protected in some 


manner: 



If YES, please WEB ACCESS TO THE FIRM EMAIL ACCOUNT IS PASSWORD 

describe the PROTECTED. 

security measures 

protecting the 

information: 


*Describe any 
measures taken to 
prevent a similar 
Security Breach 
from occurring in 
the future: 


UPON LEARNING OF THE INCIDENT, THE FIRM PROMPTLY TOOK STEPS 
TO ADDRESS THE SITUATION, INCLUDING CHANGING THE ACCOUNT 
CREDENTIALS TO PREVENT ADDITIONAL UNAUTHORIZED ACCESS TO 
THE ACCOUNT AND IMPLEMENTED ADDITIONAL SECURITY 
MEASURES ON ALL COMPANY EMAIL ACCOUNTS, INCLUDING TWO- 
FACTOR AUTHENTICATION, AND PROVIDING ADDITIONAL 
INFORMATION AND EMPLOYEE TRAINING ABOUT THESE THREATS TO 
HELP PREVENT THIS TYPE OF INCIDENT FROM RECURRING IN THE 
FUTURE. 


*Date affected NC 09/04/2015 
residents were/will 
be notified: 


Describe the circumstances surrounding the delay in notifying BECAUSE THE NATURE OF THE 
affected NC residents pursuant to N.C.G.S. 75-65 (a) and (c): INCIDENT INVOLVED 

UNAUTHORIZED WEB ACCESS TO 
FIRM E-MAIL ACCOUNTS, THE 
FORENSIC INVESTIGATION OF 
THE INCIDENT REQUIRED AN 
ANALYSIS OF BOTH THE E-MAIL 
ACCOUNT AND THE FIRM 
SYSTEMS TO DETERMINE THE 
FULL EXTENT OF THE INCIDENT. 
IN ADDITION, IDENTIFICATION OF 
INDIVIDUALS FOR NOTIFICATION 
PURPOSES REQUIRED EXPORT 
AND REVIEW OF NUMEROUS E- 
MAIL MESSAGES AND 
ATTACHMENTS. 


If the delay was pursuant to a request from law enforcement pursuant to N.C.G.S. 75-65(c), please 
attach or mail the written request or the contemporaneous memorandum. 

How NC residents WRITTEN NOTICE 

were/will be 

notified? (pursuant 

to N.C.G.S. 75-65 

(e)): 

Please note if the business demonstrates that the cost of providing notice would 
exceed two hundred fifty thousand dollars ($250,000) or that the affected class of 



subject persons to be notified exceeds 500,000, or if the business does not have 
sufficient contact information or consent to satisfy subdivisions (1), (2), or (3) of 
this subsection, for only those affected persons without sufficient contact 
information or consent, or if the business is unable to identify particular affected 
persons, for only those unidentifiable affected persons. Substitute notice shall 
consist of all the following: 

• Email notice when the business has an electronic mail address for the 
subject persons 

• Conspicuous posting of the notice on the Web site page of the business, if 
one is maintained 

• Notification to major statewide media 


Please attach a copy of the notice if in written form or a copy of any scripted notice if in telephonic 
form. 

Contact Information ATTORNEY 
Affiliation with entity 
experiencing breach: 

Organization Name: NORTON ROSE FULBRIGHT US LLP 

Prefix: MR 


*First Name: 


KRISTOPHER 


Middle Name: 
*Last Name: 
Suffix: 

Title: 

Address: 

Apt/Suite/building: 

City: 

State: 

*Telephone: 

Email: 


KLEINER 

ASSOCIATE 

1200 17TH STREET 

1000 

DENVER 

CO Zip Code: 80202 

(303)801-2700 Fax: (303)801-2777 

KRIS.KLEINER@NORTONROSEFULBRIGHT.COM 



September 1, 2015 


[NAME] 

[ADDRESS] 

CITY, STATE ZIP] 

Dear [NAME]: 

Lando Law Firm, LLC (“the Firm”) is writing to inform you of a security incident that may have 
involved your personal information that was provided to the Firm by either you or your lender. We 
value our relationship with you and, as a precaution, are providing notice and outlining some steps you 
may take to help protect yourself. We sincerely apologize for any frustration or concerns this may 
cause you. 

On or about June 3, 2015, the Firm became the victim of a targeted phishing attack. As a result, the 
attackers obtained access to a firm email account intermittently on June 3 through June 4, 2015. 
These email accounts are hosted by a recognized third-party service provider. Upon learning of this 
attack, the Firm promptly notified federal and state law enforcement and began an investigation. The 
Firm has also been working with independent forensic investigators to determine the scope of the 
attack. That investigation has revealed no evidence that the attackers penetrated the Firm’s internal 
network or systems. 

We are writing to inform you that, through our ongoing investigation, we have learned that some of 
your personal information, including Social Security Number, bank account number, and driver’s 
license number, may have been accessible during the attack. The investigation has revealed no 
evidence that the attackers accessed or misused your personal information, however, we cannot 
exclude this possibility based on the evidence available. 

We take the privacy of personal information seriously, and deeply regret that this incident occurred. 
Upon learning of the incident, we promptly took steps to address the situation, including changing the 
account credentials to help prevent additional unauthorized access to the account, and implementing 
additional security measures on all of our company email accounts, including two-factor 
authentication, and providing additional information and employee training about these threats to help 
prevent this type of incident from recurring in the future. 

Nevertheless, we want to inform you of steps you may take to guard against identity theft or fraud. 
Please review the enclosed “Information about Identity Theft Protection” guide that describes 
additional steps you may take to help protect yourself, including recommendations from the Federal 
Trade Commission regarding identity theft protection and details on placing a fraud alert or a security 
freeze on your credit file. 



In addition, to help protect your identity, we are offering one year of complimentary membership in 
Experian’s® ProtectMylD® Alert, which helps detect possible misuse of your personal information 
and provides you with superior identity protection support focused on immediate identification and 
resolution of identity theft. Please refer to the enclosed guide for further information about these 
services and instructions on completing the enrollment process. 

If you have further questions or concerns about this incident, please feel free to contact our office at 
(877) 903-5665 between 9:00 a.m and 5:00 p.m Eastern time, Monday through Friday, or via email at 
info@landolawfirm.com. 

We sincerely regret any inconvenience or concern caused by this incident. 

Very truly yours, 

LANDO LAW FIRM, LLC 

Shannon M. Lando 
Attorney at Law 

/SML 



Information About Identity Theft Protection 


We have engaged Experian®, the largest credit bureau in the U.S., to offer you complimentary fraud resolution and identity protection services for 
one year. If you are a victim of fraud, simply call Experian at 877-288-8057 by December 9, 2015, and a dedicated Identity Theft Resolution agent 
will help you. Please provide the following engagement number as proof of eligibility: We also encourage you activate Experian's® 

ProtectMylD® Alert product, which helps detect possible misuse of your personal information and provides you with identity protection services 
focused on immediate identification and resolution of identity theft. To enroll, visit www.protectmyid.com/redeem by December 9, 2015 and 
use the following activation code: [ACTIVATION CODE], You may also enroll over the phone by calling 877-288-8057 between the hours of 9:00 
AM and 5:00 PM (Pacific Time), Monday through Friday (excluding holidays). 

We recommend that you regularly review statements from your accounts and periodically obtain your credit report from one or more of the 
national credit reporting companies. You may obtain a free copy of your credit report online at www.annualcreditreport.com, by calling toll-free 
1-877-322-8228, or by mailing an Annual Credit Report Request Form (available at www.annualcreditreport.com) to: Annual Credit Report Request 
Service, P.O. Box 105281, Atlanta, GA, 30348-5281. You may also purchase a copy of your credit report by contacting one or more of the three 
national credit reporting agencies listed at the bottom of this page. 

You should remain vigilant with respect to reviewing your account statements and credit reports, and you should promptly report any suspicious 
activity or suspected identity theft to us and to the proper law enforcement authorities, including local law enforcement, your state's attorney 
general, and/or the Federal Trade Commission ("FTC"). You may contact the FTC or your state's regulatory authority to obtain additional 
information about avoiding and protection against identity theft: Federal Trade Commission, Consumer Response Center 600 Pennsylvania Avenue, 
NW, Washington, DC 20580, 1-877-IDTHEFT (438-4338), www.ftc.gov/idtheft 

For residents of Maryland: You may also obtain information about preventing and avoiding identity theft from the Maryland Office of the Attorney 
General: Maryland Office of the Attorney General, Consumer Protection Division, 200 St. Paul Place, Baltimore, MD 21202, 1-888-743-0023, 
www.oag.state.md.us 

For residents of North Carolina: You may also obtain information about preventing and avoiding identity theft from North Carolina Attorney 
General's Office: North Carolina Attorney General's Office, Consumer Protection Division, 9001 Mail Service Center, Raleigh, NC 27699-9001, 
1-877-5-NO-SCAM, www.ncdoj.gov 

Fraud Alerts: There are also two types of fraud alerts that you can place on your credit report to put your creditors on notice that you may be a 
victim of fraud: an initial alert and an extended alert. You may ask that an initial fraud alert be placed on your credit report if you suspect you have 
been, or are about to be, a victim of identity theft. An initial fraud alert stays on your credit report for at least 90 days. You may have an extended 
alert placed on your credit report if you have already been a victim of identity theft with the appropriate documentary proof. An extended fraud 
alert stays on your credit report for seven years. You can place a fraud alert on your credit report by contacting any of the three national credit 
reporting agencies at the addresses or toll-free numbers listed at the bottom of this page. 

Credit Freezes: You may have the right to put a credit freeze, also known as a security freeze, on your credit file, so that no new credit can be 
opened in your name without the use of a PIN number that is issued to you when you initiate a freeze. A credit freeze is designed to prevent 
potential credit grantors from accessing your credit report without your consent. If you place a credit freeze, potential creditors and other third 
parties will not be able to get access to your credit report unless you temporarily lift the freeze. Therefore, using a credit freeze may delay your 
ability to obtain credit. In addition, you may incur fees to place, lift and/or remove a credit freeze. Credit freeze laws vary from state to state. The 
cost of placing, temporarily lifting, and removing a credit freeze also varies by state, generally $5 to $20 per action at each credit reporting 
company. Unlike a fraud alert, you must separately place a credit freeze on your credit file at each credit reporting company. Since the instructions 
for how to establish a credit freeze differ from state to state, please contact the three major credit reporting companies as specified below to find 
out more information. 

You can obtain more information about fraud alerts and credit freezes by contacting the FTC or one of the national credit reporting agencies listed 
below. 

National Credit Reporting Agencies 


Equifax (www.equifax.com) 
P.O. Box 105851 
Atlanta, GA 30348 
800-685-1111 


Experian (www.experian.com) 
P.O. Box 2002 
Allen, TX 75013 
888-397-3742 


TransUnion (www.transunion.com) 
P.O. Box 105281 
Atlanta, GA 30348 
877-322-8228 


Fraud Alerts: P.O. Box 105069, Atlanta, GA 30348 Fraud Alerts and Security Freezes: 

Credit Freezes: P.O. Box 105788, Atlanta, GA 30348 P.O. Box 9554, Allen, TX 75013 


Fraud Alerts and Security Freezes: 

P.O. Box 2000, Chester, PA 19022 
888-909-8872 



